Cisco Systems, Inc. - Special Call - NasdaqGS:CSCO
Matt Carling [Executives]
Matt Carling, the National Cybersecurity Adviser for Cisco's Security and Trust Organization, made several contributions during the webinar. Below is a detailed list of his statements:
Introduction
- Welcome and Introduction
- Welcomes attendees and introduces himself.
- Mentions his role and location.
- Introduces the guests: Pascal Geenens and Bradley Anstis.
Presentation
- Overview of the Webinar
- Outlines the flow of the webinar, covering the DDoS landscape, impacts, techniques, tactics, and tips for protection and response.
Question and Answer Session
- Landscape of DDoS Attacks
- Discusses the current landscape of DDoS attacks, noting the prevalence of issue-motivated groups, such as those involved in the Russia-Ukraine conflict and Hamas-Israel tensions.
- Asks Pascal Geenens for insights on the broader landscape beyond these conflicts.
- Geographical Implications
- Considers the geographical implications for Asia-Pacific regions, noting potential targets due to government support in conflicts and direct financial extortion.
- Historical Examples
- References the Sony PlayStation DDoS attack from eight years ago as an example of a different motivation, such as gaining reputation among gamers.
- Local Business Examples
- Shares an anecdote about a local Australian business that faced a DDoS attack during a merger and acquisition process.
- DDoS as a Service
- Inquires about the trend of DDoS-as-a-service and how it compares to building one's own infrastructure for attacks.
- Types of DDoS Attacks
- Asks Pascal Geenens to explain different types of DDoS attacks and their techniques, including multi-terabit attacks and application-layer DDoS attacks.
- Control Plane Protection
- Seeks Bradley Anstis's insights on the importance of control plane isolation and protection, drawing from his experience in the telecommunications sector.
- Preparation and Defense Strategies
- Asks Pascal Geenens for advice on how organizations should prepare for and defend against DDoS attacks.
- Frameworks for Incident Response Planning
- Inquires about frameworks that organizations can use for incident response planning, specifically related to DDoS attacks.
- Tips for CISOs and Security Managers
- Asks Bradley Anstis for practical tips for Chief Information Security Officers (CISOs) and security managers on defending against and responding to DDoS attacks.
- Role of AI in Detection
- Raises the question of the role of artificial intelligence (AI) in helping attackers and its utility in detection mechanisms.
- Future of DDoS Attacks
- Asks both Pascal Geenens and Bradley Anstis for their predictions on the future of DDoS attacks and what organizations should be thinking about on the horizon.
Closing Remarks
- Acknowledgments
- Thanks Pascal Geenens and Bradley Anstis for their participation.
- Expresses personal appreciation for the knowledge gained and hopes attendees found value in the webinar.
- Invites attendees to submit any remaining questions, promising follow-up responses.
- Hands back to Mark Watts to conclude the webinar.
Mark Watts [Executives]
During the special call held by Cisco Systems, Inc., Mark Watts, identified as one of the executives, made the following statements:
- Opening Remarks:
- Greeted attendees and welcomed them to the Guide to Preventing and Minimizing the Impact of DDoS Attacks Webinar.
- Introduced himself as Mark Watts, the WebEx Producer for the session.
- Notified participants that their microphones were automatically muted and encouraged them to submit questions through the Q&A panel.
- Instructed attendees on how to access the Q&A panel by clicking the three dots on the lower right corner of their WebEx window.
- Mentioned that a survey would automatically appear in their browser at the end of the session and requested them to complete it.
- Introduction of Matt Carling:
- Indicated that he would hand over the session to Matt Carling, the first speaker, after covering housekeeping notes.
- Closing Remarks:
- Thanked attendees for participating in the event.
- Acknowledged the panelists and speakers for their presentations.
- Reminded attendees to complete the confidential survey posted in the chat panel and that it would also pop up in their browser upon exiting the session.
Bradley Anstis [Email Security Specialist of APJC]
Bradley Anstis, Email Security Specialist of APJC, provided insights and personal experiences related to DDoS attacks and defense strategies. Here's a detailed summary of his contributions:
Introduction
- Role and Background: Bradley Anstis is a cybersecurity specialist at Cisco, based in Australia. His current focus is on email security, although he has experience dealing with DDoS attacks, particularly in the context of telecommunications.
Personal Experience with DDoS Attacks
- Local Mergers and Acquisitions Scenario: Bradley shared an anecdote about a situation in Perth, Australia, where a company undergoing a merger and acquisition was attacked by another company across the street. The attacker used an open-source DDoS kit, illustrating how such tools can be utilized in competitive business scenarios.
- Ease of Conducting DDoS Attacks: He highlighted the ease with which DDoS attacks can be conducted using open-source kits and tools, which can be obtained and used by anyone, even without significant technical expertise.
Control Plane Protection
- Importance of Control Plane Isolation: Bradley emphasized the importance of architecting networks so that the control plane runs on a separate, internal-only network. This ensures that the control plane, critical for understanding and responding to network issues, remains operational even during a DDoS attack.
- Remediation Capabilities: He stressed the importance of ensuring that remediation capabilities are also on a separate network that is not accessible from the outside, thus protecting critical infrastructure.
Tips for Defending Against DDoS Attacks
- Mapping Vulnerable Assets: Bradley recommended mapping out all vulnerable assets, including on-premises and cloud-based applications and servers. This includes keeping an eye on shadow IT practices.
- Risk Assessment: Assessing the risk associated with each asset helps prioritize protection efforts. Different assets may require different levels of protection based on their criticality.
- Protection Strategies: Depending on the criticality of the asset, different protection strategies may be employed, such as on-demand DDoS remediation or permanent traffic redirection via a cloud scrubbing service.
- Detection Mechanisms: Effective detection mechanisms are crucial for identifying DDoS attacks promptly. This includes monitoring application performance from an external user perspective.
- Responsibility Assignment: Assigning responsibility for DDoS protection is essential, especially when using hosted providers or service providers. Ensuring that these providers' SLAs align with the organization's requirements is critical.
- Preparation and Effective Response: Organizations should be well-prepared for DDoS attacks, including having effective response plans in place. An example of a failure in response was when an organization's remediation plan relied on remote access via a compromised DNS server.
Closing Thoughts
- Business Continuity Planning: Bradley suggested that a better understanding of DDoS attacks and their potential impacts should be integrated into business continuity planning. This can help secure appropriate funding for addressing the issue.
- Mainstreaming of DDoS Attacks: He predicts that DDoS attacks will become more mainstream, necessitating a broader understanding and more comprehensive planning to address them effectively.